bullet_train-super_load_and_authorize_resource 1.6.22 → 1.6.23
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e484476f7b8f262a322127bc027203905b594abb4b7e3e9a31b7fe77b5a98d1d
|
4
|
+
data.tar.gz: 528482cd2d57a49d22e480a86e40f34975bb22f660be061b489815eedc7a936f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2c51f7fd70bf87b2ca1b27275bb79fc5dd12ad632eb4f058d9221a1f2500a88669237e492920987ba144dc4bf875b4fca59880951fccfee5c4eae4f4c1e9a7a2
|
7
|
+
data.tar.gz: 89968963fe8f054b23b14847b1ccaf7a28b4ad577524936f05f5002a745e0a6874594f68c0308fb29951f330b67c27b2c9c82ec4c705dd20b55ba08a13f62882
|
@@ -29,7 +29,7 @@ module BulletTrain::LoadsAndAuthorizesResource
|
|
29
29
|
#
|
30
30
|
# to help you understand the code below, usually `through` is `team`
|
31
31
|
# and `model` is something like `project`.
|
32
|
-
def account_load_and_authorize_resource(model,
|
32
|
+
def account_load_and_authorize_resource(model, positional_through = nil, through: positional_through, collection_actions: [], member_actions: [], except: [], **options)
|
33
33
|
# options are now required, because you have to have at least a 'through' setting.
|
34
34
|
|
35
35
|
# we used to support calling this method with a signature like this:
|
@@ -42,69 +42,38 @@ module BulletTrain::LoadsAndAuthorizesResource
|
|
42
42
|
raise "Bullet Train has depreciated this method of calling `account_load_and_authorize_resource`. Read the comments on this line of source for more details."
|
43
43
|
end
|
44
44
|
|
45
|
-
# this is providing backward compatibility for folks who are calling this method like this:
|
46
|
-
# account_load_and_authorize_resource :thing, through: :team, through_association: :scaffolding_things
|
47
|
-
# i'm going to deprecate this at some point.
|
48
|
-
if options.is_a?(Hash)
|
49
|
-
through = options[:through]
|
50
|
-
options.delete(:through)
|
51
|
-
else
|
52
|
-
through = options
|
53
|
-
options = old_options
|
54
|
-
end
|
55
|
-
|
56
45
|
# fetch the namespace of the controller. this should generally match the namespace of the model, except for the
|
57
46
|
# `account` part.
|
58
47
|
namespace = model_namespace_from_controller_namespace
|
59
48
|
|
60
|
-
|
61
|
-
|
62
|
-
# check whether the parent exists in the model namespace.
|
63
|
-
model_class_name = (namespace + [model.to_s.classify]).join("::")
|
64
|
-
model_class_name.constantize
|
65
|
-
rescue NameError
|
66
|
-
tried << model_class_name
|
67
|
-
if namespace.any?
|
68
|
-
namespace.pop
|
69
|
-
retry
|
70
|
-
else
|
71
|
-
raise "Oh no, it looks like your call to 'account_load_and_authorize_resource' is broken. We tried #{tried.join(" and ")}, but didn't find a valid class name."
|
72
|
-
end
|
49
|
+
model_class_names = namespace.size.downto(0).map do
|
50
|
+
[*namespace, model.to_s.classify].join("::").tap { namespace.pop }
|
73
51
|
end
|
74
52
|
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
through_class_names = []
|
53
|
+
model_class = model_class_names.find(&:safe_constantize)&.safe_constantize
|
54
|
+
unless model_class
|
55
|
+
raise "Your 'account_load_and_authorize_resource' is broken. We tried #{model_class_names.join(" and ")}, but didn't find a valid class name."
|
56
|
+
end
|
80
57
|
|
81
|
-
through_as_symbols
|
58
|
+
through_as_symbols = Array(through)
|
59
|
+
through_class_names = through_as_symbols.map do |through_as_symbol|
|
82
60
|
# reflect on the belongs_to association of the child model to figure out the class names of the parents.
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
through_as_symbol
|
87
|
-
)
|
88
|
-
)
|
89
|
-
raise "Oh no, it looks like your call to 'account_load_and_authorize_resource' is broken. Tried to reflect on the `#{through_as_symbol}` association of #{model_class_name}, but didn't find one."
|
61
|
+
association = model_class.reflect_on_association(through_as_symbol)
|
62
|
+
unless association
|
63
|
+
raise "Your 'account_load_and_authorize_resource' is broken. Tried to reflect on the `#{through_as_symbol}` association of #{model_class_name}, but didn't find one."
|
90
64
|
end
|
91
65
|
|
92
|
-
|
93
|
-
|
94
|
-
begin
|
95
|
-
through << through_class_name.constantize
|
96
|
-
through_class_names << through_class_name
|
97
|
-
rescue NameError
|
98
|
-
raise "Oh no, it looks like your call to 'account_load_and_authorize_resource' is broken. We tried to load `#{through_class_name}}` (the class name defined for the `#{through_as_symbol}` association), but couldn't find it."
|
99
|
-
end
|
66
|
+
association.klass.name
|
100
67
|
end
|
101
68
|
|
102
69
|
if through_as_symbols.count > 1 && !options[:polymorphic]
|
103
70
|
raise "When a resource can be loaded through multiple parents, please specify the 'polymorphic' option to tell us what that controller calls the parent, e.g. `polymorphic: :imageable`."
|
104
71
|
end
|
105
72
|
|
106
|
-
|
107
|
-
|
73
|
+
instance_variable_name = "@#{options[:polymorphic] || through_as_symbols.first}"
|
74
|
+
|
75
|
+
# `collection_actions:` and `member_actions:` provide support for shallow nested resources, which
|
76
|
+
# keep our routes tidy even after many levels of nesting. most people
|
108
77
|
# i talk to don't actually know about this feature in rails, but it's
|
109
78
|
# actually the recommended approach in the rails routing documentation.
|
110
79
|
#
|
@@ -113,20 +82,11 @@ module BulletTrain::LoadsAndAuthorizesResource
|
|
113
82
|
# separate calls to `load_and_authorize_resource` for member and collection
|
114
83
|
# actions, we ask controllers to specify these actions separately, e.g.:
|
115
84
|
# `account_load_and_authorize_resource :invitation, :team, member_actions: [:accept, :promote]`
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
# this option is native to cancancan and allows you to skip account_load_and_authorize_resource
|
85
|
+
#
|
86
|
+
# `except:` is native to cancancan and allows you to skip account_load_and_authorize_resource
|
120
87
|
# for a specific action that would otherwise run it (e.g. see invitations#show.)
|
121
|
-
|
122
|
-
|
123
|
-
collection_actions =
|
124
|
-
(%i[index new create reorder] + collection_actions) - except_actions
|
125
|
-
member_actions =
|
126
|
-
(%i[show edit update destroy] + member_actions) - except_actions
|
127
|
-
|
128
|
-
options.delete(:collection_actions)
|
129
|
-
options.delete(:member_actions)
|
88
|
+
collection_actions = (%i[index new create reorder] + collection_actions) - except
|
89
|
+
member_actions = (%i[show edit update destroy] + member_actions) - except
|
130
90
|
|
131
91
|
# NOTE: because we're using prepend for all of these, these are written in backwards order
|
132
92
|
# of how they'll be executed during a request!
|
@@ -136,42 +96,36 @@ module BulletTrain::LoadsAndAuthorizesResource
|
|
136
96
|
|
137
97
|
# x. this and the thing below it are only here to make a sortable concern possible.
|
138
98
|
prepend_before_action only: member_actions do
|
139
|
-
|
140
|
-
|
141
|
-
eval "@parent_object = @#{instance_variable_name}"
|
99
|
+
@child_object = instance_variable_get("@#{model}")
|
100
|
+
@parent_object = instance_variable_get instance_variable_name
|
142
101
|
end
|
143
102
|
|
144
103
|
prepend_before_action only: collection_actions do
|
145
|
-
|
146
|
-
|
147
|
-
if options[:through_association].present?
|
148
|
-
eval "@child_collection = :#{options[:through_association]}"
|
149
|
-
else
|
150
|
-
eval "@child_collection = :#{model.to_s.pluralize}"
|
151
|
-
end
|
104
|
+
@parent_object = instance_variable_get instance_variable_name
|
105
|
+
@child_collection = options[:through_association].presence&.to_sym || model.to_s.pluralize.to_sym
|
152
106
|
end
|
153
107
|
|
154
108
|
prepend_before_action only: member_actions do
|
155
|
-
|
156
|
-
|
157
|
-
through_as_symbols.
|
158
|
-
|
159
|
-
|
160
|
-
eval eval_string
|
109
|
+
model_instance = instance_variable_get("@#{model}")
|
110
|
+
if model_instance && !instance_variable_defined?(instance_variable_name)
|
111
|
+
parent = through_as_symbols.lazy.filter_map { model_instance.public_send(_1) }.first
|
112
|
+
instance_variable_set instance_variable_name, parent
|
113
|
+
end
|
161
114
|
end
|
162
115
|
|
163
116
|
if options[:polymorphic]
|
164
117
|
prepend_before_action only: collection_actions do
|
165
|
-
|
166
|
-
through_as_symbols.
|
167
|
-
|
118
|
+
unless instance_variable_defined?("@#{options[:polymorphic]}")
|
119
|
+
parent = through_as_symbols.lazy.filter_map { instance_variable_get "@#{_1}" }.first
|
120
|
+
instance_variable_set "@#{options[:polymorphic]}", parent
|
121
|
+
end
|
168
122
|
end
|
169
123
|
end
|
170
124
|
|
171
125
|
# 3. on action resource, we have a specific id for the child resource, so load it directly.
|
172
126
|
load_and_authorize_resource model,
|
173
127
|
options.merge(
|
174
|
-
class:
|
128
|
+
class: model_class.name,
|
175
129
|
only: member_actions,
|
176
130
|
prepend: true,
|
177
131
|
shallow: true
|
@@ -180,7 +134,7 @@ module BulletTrain::LoadsAndAuthorizesResource
|
|
180
134
|
# 2. only load the child resource through the parent resource for collection actions.
|
181
135
|
load_and_authorize_resource model,
|
182
136
|
options.merge(
|
183
|
-
class:
|
137
|
+
class: model_class.name,
|
184
138
|
through: through_as_symbols,
|
185
139
|
only: collection_actions,
|
186
140
|
prepend: true,
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bullet_train-super_load_and_authorize_resource
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.6.
|
4
|
+
version: 1.6.23
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Andrew Culver
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-12-
|
11
|
+
date: 2023-12-14 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: cancancan
|